Application Security Testing: An Integral Part of DevOps
AJAX has been breaking new ground almost every day. With over 150 AJAX frameworks, there are plenty of options to choose from and, one might say, there are too many. Most of the AJAX frameworks provide you with browser extension libraries that will help you utilize the browser and interact with the server in a more productive way. What they are trying to do in most cases is to provide larger building blocks to achieve your goals by abstracting the calls to the browser API and to the server.
Server-based AJAX is a recent addition to the AJAX frameworks arena; it basically changes the way you think about AJAX applications. It introduces a concept of server-based computing for web applications where your code runs entirely on the server and reflects changes to the client. This concept is used widely in remote desktop or application streaming software, but has not been available until now for web developers.
There are some downsides to the server-based AJAX concept, mainly in terms of scalability, because you are utilizing a server session to run your application, but when applied to enterprise applications, rather then Amazon-sized sites, you get a very nice ROI that you would not get in any other architecture. In terms of responsiveness and performance, one would think that this concept lacks, but the opposite is the case; the server uses fewer resources in terms of CPU and IO because it does not have to receive/return large blobs and, most importantly, does not need to construct and deconstruct the application classes on every request. Also, as said before, there are many optimizations that can be applied to reduce server callbacks and bandwidth consumption.
The server-based AJAX concepts may just be the solution for enterprise AJAX applications because it provides these applications with the best of both worlds. Having a responsive, rich AJAX UI that behaves pretty much like desktop UI, but still maintaining the productivity, IP protection, and security of running the application on server side provides a compelling offering for enterprises.